<?php
//$path_file = $this->path_file;
$filename = $this->file_name;

//các file upload được để trong 1 thư mục riêng
$upload_dir = JURI::root() . "/upload/";
 
$download_path = $this->path_file;

if(eregi("\.\.", $filename)) die("I'm sorry, you may not download that file."); 
 
$file = str_replace("..", "", $filename); 
 
if(eregi("\.ht.+", $filename)) die("I'm sorry, you may not download that file."); 
 
$file = "$download_path$file"; 

if(!file_exists($file)) die("I'm sorry, the file doesn't seem to exist."); 

$type = filetype($file); 

$today = date("F j, Y, g:i a"); 

$time = time(); 

header("Content-type: $type"); 

header("Content-Disposition: attachment;filename=$filename"); 

header("Content-Transfer-Encoding: binary"); 

header('Pragma: no-cache'); 

header('Expires: 0'); 

set_time_limit(0); 

if(readfile($file)){
    echo "ok";
}

?>